NanNnCheng's Stars
tothi/rbcd-attack
Kerberos Resource-Based Constrained Delegation Attack from Outside using Impacket
dahall/Vanara
A set of .NET libraries for Windows implementing PInvoke calls to many native Windows APIs with supporting wrappers.
cfalta/PowerShellArmoury
A PowerShell armoury for security guys and girls
ConsciousHacker/WFH
0xDivyanshu/Injector
Complete Arsenal of Memory injection and other techniques for red-teaming in Windows
hlldz/CVE-2021-1675-LPE
Local Privilege Escalation Edition for CVE-2021-1675/CVE-2021-34527
ytisf/theZoo
A repository of LIVE malwares for your own joy and pleasure. theZoo is a project created to make the possibility of malware analysis open and available to the public.
hlldz/Phant0m
Windows Event Log Killer
c0ny1/java-memshell-scanner
通过jsp脚本扫描java web Filter/Servlet型内存马
02bx/PocList
Alibaba-Nacos-Unauthorized/ApacheDruid-RCE_CVE-2021-25646/MS-Exchange-SSRF-CVE-2021-26885/Oracle-WebLogic-CVE-2021-2109_RCE/RG-CNVD-2021-14536/RJ-SSL-VPN-UltraVires/Redis-Unauthorized-RCE/TDOA-V11.7-GetOnlineCookie/VMware-vCenter-GetAnyFile/yongyou-GRP-U8-XXE/Oracle-WebLogic-CVE-2020-14883/Oracle-WebLogic-CVE-2020-14882/Apache-Solr-GetAnyFile/F5-BIG-IP-CVE-2021-22986/Sonicwall-SSL-VPN-RCE/GitLab-Graphql-CNVD-2021-14193/D-Link-DCS-CVE-2020-25078
keven1z/weblogic_memshell
适用于weblogic和Tomcat的无文件的内存马(memshell)
Ascotbe/HackerMind
各种安全相关思维导图整理收集。渗透步骤,web安全,CTF,业务安全,人工智能,区块链安全,数据安全,安全开发,无线安全,社会工程学,二进制安全,移动安全,红蓝对抗,运维安全,风控安全,linux安全
EdgeSecurityTeam/EHole
EHole(棱洞)3.0 重构版-红队重点攻击系统指纹探测工具
le31ei/ctf_challenges
适用于一线安服的ctf培训题目,全docker环境一键启动
LandGrey/copagent
java memory web shell extracting tool
bitterzzZZ/MemoryShellLearn
分享几个直接可用的内存马,记录一下学习过程中看过的文章
oldkingcone/slopShell
the only php webshell you need.
paralax/awesome-honeypots
an awesome list of honeypot resources
frkngksl/Celeborn
Userland API Unhooker Project
IlanKalendarov/SharpHook
SharpHook is an offensive API hooking tool designed to catch various credentials within the API call.
BloodHoundAD/BloodHound
Six Degrees of Domain Admin
quackduck/devzat
The devs are over here at devzat, chat over SSH!
LordNoteworthy/al-khaser
Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.
archanchoudhury/Davy-Jones-Locker
Getting FREE Cyber Security Resources have been a challenge always. Access Davy-Jones-Locker to get all what you might need to upskill yourself and create an impact in the InfoSec Community
TheKingOfDuck/fuzzDicts
Web Pentesting Fuzz 字典,一个就够了。
traccar/traccar
Traccar GPS Tracking System
RhinoSecurityLabs/pacu
The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.
dr0op/shiro-550-with-NoCC
Shiro-550 不依赖CC链利用工具
zer0yu/CyberSecurityRSS
CyberSecurityRSS: A collection of cybersecurity rss to make you better!
alibaba/arthas
Alibaba Java Diagnostic Tool Arthas/Alibaba Java诊断利器Arthas